Configuring firewall post install

ℹ️ Support
1

[/details]

Nextcloud version (13.05.2:
Operating system and version (eg, Ubuntu 18.04):
Apache or nginx version (eg, nginx 1.14):
PHP version (eg, 7.2):

The issue you are facing:
Ive finally installed Nextcloud Server to the way ive always wanted, but just realized i forgot to configure the firewall ufw and is listed as disabled.
I recall trying to enable ufw post install before and getting errors.

Could i simply enable ufw and carry on?
I’ve already got 443 and 80 forwarded. the server is working perfectly.

Is this the first time you’ve seen this error? (Y/N): n

Steps to replicate it:

  1. forget to enable ufw during install

The output of your config.php file in /path/to/nextcloud (make sure you remove any identifiable information!):

PASTE HERE
<?php
$CONFIG = array (
  'instanceid' => 'oc1mu5u4hq6i',
  'passwordsalt' => '1t+UHQDj9GIV+AvmQG/DucIrCd/p+J',
  'secret' => 'LJLg2nPxs3Oht7c5grtqpccCBjm5nTsuBOwpz3cJ0ODYOpRH',
  'trusted_domains' => 
  array (
    0 => 'xxxxxxxxxx.com',
    1 => '192.xxx.xx.x',
  ),
  'datadirectory' => '/usr/share/nginx/nextcloud/data',
  'overwrite.cli.url' => 'https://xxxxx.com',
  'dbtype' => 'mysql',
  'version' => '13.0.5.2',
  'dbname' => 'nextcloud',
  'dbhost' => 'localhost:3306',
  'dbport' => '',
  'dbtableprefix' => 'oc_',
  'dbuser' => 'xxxxxxxxxxxx',
  'dbpassword' => '----------',
  'installed' => true,
  'memcache.local' => '\OC\Memcache\APCu',
);
2

It’s not too late to enable UFW, you can do it at any time. If you’re using SSH or other software to remote into the server, you’ll want to make sure that’s allowed before you flip the switch, but that’s about the only ‘gotcha’.

DigitalOcean has a nice how-to for allowing connections in a simple way, for once you figure out those errors.

3

Hey thanks man.

That article from Digital ocean did the trick! Solved!

But no i am getting something odd in my logs from the webui after checking on things after firewall config etc… And i dont know if this has anything to do with firewall or not.

Could this mess be firewall related?

Im going to go ahead and restart again to see if anything changes.

Fatal	webdav	Doctrine\DBAL\Exception\DriverException: An exception occurred while executing 'INSERT INTO `oc_filecache` (`mimepart`,`mimetype`,`mtime`,`size`,`etag`,`storage_mtime`,`permissions`,`parent`,`checksum`,`path_hash`,`path`,`name`,`storage`) SELECT ?,?,?,?,?,?,?,?,?,?,?,?,? FROM `oc_filecache` WHERE `storage` = ? AND `path_hash` = ? HAVING COUNT(*) = 0' with params ["3", "14", 1533944502, 10000000, "0226341311830dbb3b3535b02e58b5cd", 1533944502, 27, 9408, "", "4563f9eb3a56d38470b31b20f7d42c0d", "uploads\/1146891470\/00000123", "00000123", 2, 2, "4563f9eb3a56d38470b31b20f7d42c0d"]: SQLSTATE[40001]: Serialization failure: 1213 Deadlock found when trying to get lock; try restarting transaction
/usr/share/nginx/nextcloud/3rdparty/doctrine/dbal/lib/Doctrine/DBAL/DBALException.php - line 128: Doctrine\DBAL\Driver\AbstractMySQLDriver->convertException('An exception oc...', Object(Doctrine\DBAL\Driver\PDOException))
/usr/share/nginx/nextcloud/3rdparty/doctrine/dbal/lib/Doctrine/DBAL/Connection.php - line 1015: Doctrine\DBAL\DBALException driverExceptionDuringQuery(Object(Doctrine\DBAL\Driver\PDOMySql\Driver), Object(Doctrine\DBAL\Driver\PDOException), 'INSERT INTO `oc...', Array)
/usr/share/nginx/nextcloud/lib/private/DB/Connection.php - line 216: Doctrine\DBAL\Connection->executeUpdate('INSERT INTO `oc...', Array, Array)
/usr/share/nginx/nextcloud/lib/private/DB/Adapter.php - line 114: OC\DB\Connection->executeUpdate('INSERT INTO `oc...', Array)
/usr/share/nginx/nextcloud/lib/private/DB/Connection.php - line 254: OC\DB\Adapter->insertIfNotExist('*PREFIX*filecac...', Array, Array)
/usr/share/nginx/nextcloud/lib/private/Files/Cache/Cache.php - line 273: OC\DB\Connection->insertIfNotExist('*PREFIX*filecac...', Array, Array)
/usr/share/nginx/nextcloud/lib/private/Files/Cache/Cache.php - line 230: OC\Files\Cache\Cache->insert('uploads/1146891...', Array)
/usr/share/nginx/nextcloud/lib/private/Files/Cache/Scanner.php - line 292: OC\Files\Cache\Cache->put('uploads/1146891...', Array)
/usr/share/nginx/nextcloud/lib/private/Files/Cache/Scanner.php - line 221: OC\Files\Cache\Scanner->addToCache('uploads/1146891...', Array, -1)
/usr/share/nginx/nextcloud/lib/private/Files/Cache/Scanner.php - line 336: OC\Files\Cache\Scanner->scanFile('uploads/1146891...', 3, 9408, false, false)
/usr/share/nginx/nextcloud/lib/private/Files/Cache/Updater.php - line 124: OC\Files\Cache\Scanner->scan('uploads/1146891...', false, 3, false)
/usr/share/nginx/nextcloud/apps/dav/lib/Connector/Sabre/File.php - line 232: OC\Files\Cache\Updater->update('uploads/1146891...')
/usr/share/nginx/nextcloud/apps/dav/lib/Connector/Sabre/Directory.php - line 156: OCA\DAV\Connector\Sabre\File->put(Resource id #8)
/usr/share/nginx/nextcloud/apps/dav/lib/Upload/UploadFolder.php - line 39: OCA\DAV\Connector\Sabre\Directory->createFile('00000123', Resource id #8)
/usr/share/nginx/nextcloud/3rdparty/sabre/dav/lib/DAV/Server.php - line 1096: OCA\DAV\Upload\UploadFolder->createFile('00000123', Resource id #8)
/usr/share/nginx/nextcloud/3rdparty/sabre/dav/lib/DAV/CorePlugin.php - line 529: Sabre\DAV\Server->createFile('uploads/adminis...', Resource id #8, NULL)
[internal function] Sabre\DAV\CorePlugin->httpPut(Object(Sabre\HTTP\Request), Object(Sabre\HTTP\Response))
/usr/share/nginx/nextcloud/3rdparty/sabre/event/lib/EventEmitterTrait.php - line 105: call_user_func_array(Array, Array)
/usr/share/nginx/nextcloud/3rdparty/sabre/dav/lib/DAV/Server.php - line 479: Sabre\Event\EventEmitter->emit('method PUT', Array)
/usr/share/nginx/nextcloud/3rdparty/sabre/dav/lib/DAV/Server.php - line 254: Sabre\DAV\Server->invokeMethod(Object(Sabre\HTTP\Request), Object(Sabre\HTTP\Response))
/usr/share/nginx/nextcloud/apps/dav/lib/Server.php - line 287: Sabre\DAV\Server->exec()
/usr/share/nginx/nextcloud/apps/dav/appinfo/v2/remote.php - line 35: OCA\DAV\Server->exec()
/usr/share/nginx/nextcloud/remote.php - line 164: require_once('/usr/share/ngin...')
{main}
4

If you’re able to log in to Nextcloud again (which would mean your SQL port, if any, is not blocked), then I don’t think it’s firewall-related. Otherwise, I’d examine your database connection settings in Nextcloud’s config/config.php. If you’re running your SQL server on that machine, you should be able to set the db hostname to localhost, and the firewall will ignore it.